
Squashed commit of the following:

commit aeb44de3bc42f86324a6242b6b8037dd4cb8fbc3
Author: David Pollak <feeder.of.the.bears@gmail.com>
Date:   Tue Mar 5 11:48:56 2013 -0800

    Squashed commit of the following:

    commit 24ff1d946cb1f80630e747a7793ba3f574fe7202
    Author: David Pollak <feeder.of.the.bears@gmail.com>
    Date:   Tue Mar 5 11:47:24 2013 -0800

        Removed external bcrypt dependency because the code is already in Lift

commit 09980e8263723f978784666d467e8256118d2446
Author: David Pollak <feeder.of.the.bears@gmail.com>
Date:   Tue Mar 5 11:32:01 2013 -0800

    MappedPassword now uses bcrypt, but is backward compatible with existing passwords and schemas
1 parent 21430ca commit c7615ec123a2b4166e5c57b0bcec7cef7dd71529 @dpp dpp committed with fmpwizard Mar 5, 2013
Showing with 26 additions and 7 deletions.
  1. +26 −7 persistence/mapper/src/main/scala/net/liftweb/mapper/MappedPassword.scala
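--- a/persistence/mapper/src/main/scala/net/liftweb/mapper/MappedPassword.scala
+++ b/persistence/mapper/src/main/scala/net/liftweb/mapper/MappedPassword.scala
@@ -32,6 +32,12 @@ import net.liftweb.http.js._
 object MappedPassword {
 val blankPw = "*******"
+
+ /**
+ * Set this in boot if you want Bcrypt salt strength to be
+ * something more than the default
+ */
+ var bcryptStrength: Box[Int] = None
 }
 abstract class MappedPassword[T<:Mapper[T]](val fieldOwner: T)
@@ -56,11 +62,15 @@ extends MappedField[String, T] {
 private var invalidMsg = ""
 protected def real_i_set_!(value : String) : String = {
- password() = value match {
- case "*" | null | MappedPassword.blankPw if (value.length < 3) => {invalidPw = true ; invalidMsg = S.?("password.must.be.set") ; "*"}
- case MappedPassword.blankPw => {return "*"}
- case _ if (value.length > 4) => {invalidPw = false; hash("{"+value+"} salt={"+salt_i.get+"}")}
- case _ => {invalidPw = true ; invalidMsg = S.?("password.too.short"); "*"}
+ value match {
+ case "*" | null | MappedPassword.blankPw if (value.length < 3) =>
+ invalidPw = true ; invalidMsg = S.?("password.must.be.set") ; password.set("*")
+ case MappedPassword.blankPw => return "*"
+ case _ if (value.length > 4) => invalidPw = false;
+ val bcrypted = BCrypt.hashpw(value, MappedPassword.bcryptStrength.map(BCrypt.gensalt(_)) openOr BCrypt.gensalt())
+ password.set("b;"+bcrypted.substring(0,44))
+ salt_i.set(bcrypted.substring(44))
+ case _ => invalidPw = true ; invalidMsg = S.?("password.too.short"); password.set("*")
 }
 this.dirty_?( true)
 "*"
@@ -86,7 +96,15 @@ extends MappedField[String, T] {
 def asJsExp: JsExp = throw new NullPointerException("No way")
- def match_?(toMatch : String) = {
+ /**
+ * Test to see if an incoming password matches
+ * @param toMatch the password to test
+ * @return the matched value
+ */
+ def match_?(toMatch : String): Boolean = {
+ if (password.get.startsWith("b;")) {
+ BCrypt.checkpw(toMatch, password.get.substring(2)+salt_i.get)
+ } else
 hash("{"+toMatch+"} salt={"+salt_i.get+"}") == password.get
 }
@@ -96,7 +114,8 @@ extends MappedField[String, T] {
 else List(FieldError(this, Text(S.?("password.must.be.set"))))
 }
- def real_convertToJDBCFriendly(value: String): Object = hash("{"+value+"} salt={"+salt_i.get+"}")
+ def real_convertToJDBCFriendly(value: String): Object =
+ BCrypt.hashpw(value, MappedPassword.bcryptStrength.map(BCrypt.gensalt(_)) openOr BCrypt.gensalt())
 /**
 * Get the JDBC SQL Type for this field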
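Review bot: `real_convertToJDBCFriendly` in the last hunk returns a complete bcrypt string with a freshly generated salt, which is not the representation `real_i_set_!` stores (`"b;"` plus the first 44 characters in the password column, the remainder in `salt_i`). A value produced here can therefore never equal a stored column value, and if it were written to the column, `match_?` would not find the `b;` prefix and would fall through to the legacy hash comparison, so the password would stop verifying. How callers use this method is outside the visible hunks, so confirm whether it is reachable for writes or query parameters. If it stays as written, a comment such as `// returns a freshly salted bcrypt string; not comparable with the stored "b;"-prefixed value` would make the limitation explicit, and the 44-character split in `real_i_set_!` deserves a one-line comment as well.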
